From 76ced5d6a65b6de035e17467721314e6eaeda806 Mon Sep 17 00:00:00 2001
From: Badhri Jagan Sridharan <Badhri@google.com>
Date: Wed, 24 Jan 2018 15:43:56 -0800
Subject: [PATCH] Grant create_file_perms to hal_usb_gadget_server

type=1400 audit(1516839845.731:13): avc: denied { unlink } for pid=800
comm="usb@1.1-service" name="UDC" dev="configfs" ino=27143
scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:configfs:s0
tclass=file permissive=0

avc: denied { unlink } for pid=800 comm="usb@1.1-service" name="UDC"
dev="configfs" ino=27143 scontext=u:r:hal_usb_impl:s0
tcontext=u:object_r:configfs:s0 tclass=file permissive=0


Bug: 63669128
Change-Id: If193c88658ec9c72299beb717990ddb8211da9a5
---
 public/hal_usb_gadget.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/hal_usb_gadget.te b/public/hal_usb_gadget.te
index 16f4f0821..e412758a0 100644
--- a/public/hal_usb_gadget.te
+++ b/public/hal_usb_gadget.te
@@ -8,7 +8,7 @@ allow hal_usb_gadget_client hal_usb_gadget_hwservice:hwservice_manager find;
 # Configuring usb gadget functions
 allow hal_usb_gadget_server configfs:lnk_file { read create unlink};
 allow hal_usb_gadget_server configfs:dir rw_dir_perms;
-allow hal_usb_gadget_server configfs:file rw_file_perms;
+allow hal_usb_gadget_server configfs:file create_file_perms;
 allow hal_usb_gadget_server functionfs:dir { read search };
 allow hal_usb_gadget_server functionfs:file read;
 
-- 
GitLab